6.5

CVSS3.1

CVE-2024-32697 - WordPress HelloAsso plugin <= 1.1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HelloAsso allows Stored XSS.This issue affects HelloAsso: from n/a through 1.1.5.

πŸ“… Published: April 22, 2024, 7:55 a.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

6.5

CVSS3.1

CVE-2024-32696 - WordPress AI Infographic Maker OpenAI plugin <= 4.6.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuantumCloud Infographic Maker – iList allows Stored XSS.This issue affects Infographic Maker – iList: from n/a through 4.6.6.

πŸ“… Published: April 22, 2024, 7:50 a.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

7.1

CVSS3.1

CVE-2024-32695 - WordPress Language Switcher for Transposh plugin <= 1.5.9 - Reflected Cross Site Scripting (XSS) vu…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marco Gasi Language Switcher for Transposh allows Reflected XSS.This issue affects Language Switcher for Transposh: from n/a through 1.5.9.

πŸ“… Published: April 22, 2024, 7:49 a.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

7.1

CVSS3.1

CVE-2024-32694 - WordPress 3D FlipBook, PDF Viewer, PDF Embedder plugin <= 3.62 - Reflected Cross Site Scripting (XS…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative interactive media 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin allows Reflected XSS.This issue affects 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook…

πŸ“… Published: April 22, 2024, 7:48 a.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

5.9

CVSS3.1

CVE-2024-32690 - WordPress RSS Feed Widget plugin <= 2.9.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood RSS Feed Widget allows Stored XSS.This issue affects RSS Feed Widget: from n/a through 2.9.7.

πŸ“… Published: April 22, 2024, 7:47 a.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

5.3

CVSS3.1

CVE-2023-7252 - Tickera < 3.5.2.5 - Ticket leakage through IDOR

The Tickera WordPress plugin before 3.5.2.5 does not prevent users from leaking other users' tickets.

πŸ“… Published: April 22, 2024, 5 a.m. πŸ”„ Last Modified: May 30, 2025, 4:08 p.m.

3.5

CVSS3.1

CVE-2018-25101 - l2c2technologies Koha opac-MARCdetail.pl cross site scripting

A vulnerability, which was classified as problematic, has been found in l2c2technologies Koha up to 20180108. This issue affects some unknown processing of the file /cgi-bin/koha/opac-MARCdetail.pl. The manipulation of the argument biblionumber with the input 2"><TEST> leads to cross site scripting…

πŸ“… Published: April 22, 2024, 1:31 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.4

CVSS3.1

CVE-2024-22856 -

A SQL injection vulnerability via the Save Favorite Search function in Axefinance Axe Credit Portal >= v.3.0 allows authenticated attackers to execute unintended queries and disclose sensitive information from DB tables via crafted requests.

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.4

CVSS3.1

CVE-2024-31545 -

Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6.

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: April 14, 2025, 1:46 p.m.

4.3

CVSS3.1

CVE-2022-34561 -

A cross-site scripting (XSS) vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter.

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: April 22, 2025, 4:06 p.m.
Total resulsts: 349182
Page 10195 of 34,919
Β« previous page Β» next page
Filters